Re: [c-nsp] 3750 Stack Auto Upgrade

2017-03-03 Thread A . L . M . Buxey
Hi, > Thanks Alan,, > Do you have any documentation on how to do it?...maybe you could point me in > the direction. Alan so you can number a switch before adding to a stack?. official cisco docs: eg "Switch Stack Membership" http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750e_3560e/

Re: [c-nsp] 3750 Stack Auto Upgrade

2017-03-03 Thread A . L . M . Buxey
Hi, > Has anyone one successfully upgraded stacks with the auto upgrade feature?. > If a member of a stack failed it would be nice if when replacing the failed > unit it would be automatically upgraded from the master. When I say upgraded > I mean the IOS and the configuration, is this possible

Re: [c-nsp] C3850 and NAT

2017-02-09 Thread A . L . M . Buxey
Hi, > What about support of pim sparse, bgp and bfd as well on nexus 12 k$? they are supported alan ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cis

Re: [c-nsp] 3650 multi gig

2017-01-25 Thread A . L . M . Buxey
Hi, > Anyone have a 3650 Multi gig switch? > > Which ports are multi gig? depends on the model...8 or 12 ports - they are clearly labelled - you can see the info in cisco docs or the images of them on cisco.com alan ___ cisco-nsp mailing list cisco-n

Re: [c-nsp] AAA-3-BADLIST

2016-10-12 Thread A . L . M . Buxey
Hi, > Hello, > > I m getting the following on one of our production routers. > > %AAA-3-BADLIST: invalid list AAA ID 4190791 -Process= "SSH Process" Error Message%AAA-3-BADLIST: invalid list AAA ID %u ExplanationAn AAA client has provided an invalid attribute list to AAA. Recommended A

Re: [c-nsp] err-disable state on a cisco 3750 catalyst

2016-07-12 Thread A . L . M . Buxey
Hi, > Jul 12 17:30:36.218: %PM-4-ERR_DISABLE: channel-misconfig error detected on > Gi1/0/1, putting Gi1/0/1 in err-disable state so...what is the cause of this. check the config of gi1/0/1, ensure it matches the methods/speed etc of other members of the port-channel etc its been assigned to >

Re: [c-nsp] Link encryption and scalability kit etc

2016-05-09 Thread A . L . M . Buxey
Hi, ask/verify with the WAN/ISP provider that they are handling ethertypes od 0x888a and 0x88e5 (these are the minimal extras - EAPOL and MACSEC respectively) - and not just handling 0x800 and 0x86DD (and maybe one or two others) - loads appear to not carry any other tags (stops eg appletalk, D

Re: [c-nsp] TX low alarm warning

2016-02-15 Thread A . L . M . Buxey
Hi, > For some reason especially on 4500X 3.7 code we have also seen this message > on ports which are left no shut, and they have an SFP in it. It was > seriously polluting our logs so we wrote this: +1 > logging discriminator LOGFILTER mnemonics drops > SFF8472-5-THRESHOLD_VIOLATION > logging

Re: [c-nsp] Interface drops

2016-01-09 Thread A . L . M . Buxey
Hi, > Now, 14482944 of 548164331323 packets is a mere 0.002%... Hence - should > this be a cause of concern? well yes - that amount of drops leads to huge hit in network performance for eg TCP applications https://fasterdata.es.net/network-tuning/tcp-issues-explained/packet-loss/ > > #sh int

Re: [c-nsp] cat 6800 performance mode

2015-12-16 Thread A . L . M . Buxey
Hi, > What I can tell you is that 100Gbps ports are planned for late 2016, but > only for the 6807 chassis. The 6800 will not get this support. there are things out there and I cant just blurtstuff out...chat with your Cisco SE - I'm sure they can run you through some slides showing new things c

[c-nsp] Issue with Cisco 1000v Nexus in VSphere 6

2015-12-02 Thread A . L . M . Buxey
hi, We are trying to deploy the Nexus 1000v to our VM environment but are coming across an issue we cannot seem to resolve. We have deployed the 1000v (via template) and configured port-profiles, have managed to add the 1000v to vSphere 6 and established communications between the two. The is

Re: [c-nsp] Cache DNS servers

2015-12-01 Thread A . L . M . Buxey
Hi, > I have little question about DNS servers that you use in your environment? > We use bind on freebsd servers now. I did some benchmarks and found that > google public DNS is 8 - 10 time faster than my own. So I decide change BIND > for something more faster. I'm in MNO market. Any suggestion

Re: [c-nsp] 1 or 2 port Console/Ethernet server

2015-09-24 Thread A . L . M . Buxey
Hi, > Looking for recommendations on small 1 or 2 port ethernet-serial terminal > server. > Preferably one with some security on it, and that allows us to ssh direct to > the serial port. > Power control would be an added bonus but not mandatory. OpenGear - offer you many ways to access the s

Re: [c-nsp] LACP Fast

2015-08-12 Thread A . L . M . Buxey
Hi, > I have LACP fast enabled on various port channels. I would like to revert > back to default timers. Is it right that I need to delete the port channel > first?, then remove the LACP fast from each interface in the port channel. I > will be doing this in the lab, any help appreciated. i

Re: [c-nsp] dai / dhcp snooping bug

2015-08-10 Thread A . L . M . Buxey
Hi, > I've just now discovered a cli command - 'ip dhcp snooping binging > ' - which allows me to directly inject the needed information. > This would solve my short term problem and let me get back to a > reasonably well populated dhcp snooping table, but the question > becomes, is this going

Re: [c-nsp] Poor speed through GRE tunnel

2015-07-16 Thread A . L . M . Buxey
Hi, > (And occasionally talk to your colleagues) ;-) we worked long yesterday...and at the end of the day had discussions about next steps and where we could ask for advice... i went home and sent the email to c-nsp and , since I'm at a remote site this morning we didnt get chance to catch-up o

Re: [c-nsp] GRE tunnel 8000kbit (8Mbit) limit issue

2015-07-15 Thread A . L . M . Buxey
Hi, > we have a GRE tunnel between a 6506 (sup2T) running IOS 15.1 and a 3750 > running IOS 15.2 just to correct my shoddy problem statement, its s 6506E chassis with Sup2T and a 3750x (12s)(though more googling finds statement of no official support for GRE even on 3750-X or that it cann

Re: [c-nsp] GRE tunnel 8000kbit (8Mbit) limit issue

2015-07-15 Thread A . L . M . Buxey
Hi, > > we have a GRE tunnel between a 6506 (sup2T) running IOS 15.1 and a 3750 > > running IOS 15.2 > > 3750 doesn’t support GRE, you’re hitting limitation of the platform. > It’s miracle it works - mostly propably, because it hits software > forwarding path, and even if it’s not supported, it

[c-nsp] GRE tunnel 8000kbit (8Mbit) limit issue

2015-07-15 Thread A . L . M . Buxey
hi, okay...have googled and looked around...and no current joy. we have a GRE tunnel between a 6506 (sup2T) running IOS 15.1 and a 3750 running IOS 15.2 both ends report the tunnel interface as having the following details/limits Tunnel TTL 255, Fast tunneling enabled Path MTU Discovery,

Re: [c-nsp] "New" IOS release time frame, when bug is identified

2015-05-15 Thread A . L . M . Buxey
Hi, > Ive unfortunately uncovered a bug on the ME3600, and Cisco are recommending I > wait until IOS version with fix is released...problem is that they have given > me a date of 30th September 2015 for the release date! sounds typical. depending on what support contract you have and how you l

Re: [c-nsp] Port Channel Speed

2015-05-11 Thread A . L . M . Buxey
Hi, > WE have a port channel on NX 5548 connected to Cisco FI. There are two 10Gb > interface are bounded to it. your bandwidth on that port-channel is 20G... but the biggest flow supported is 10G - the Physical limit. alan ___ cisco-nsp mailing list

Re: [c-nsp] Full Duplex

2014-11-18 Thread A . L . M . Buxey
Hi, > Hi all , we were arguing about the full duplex FE interface and it's speedIs > it true that this interface can handle 100Mbps send and 100Mbps receive at > the same time? like it is 200Mbps ? sort of :-) yes, its 100mbit in both directions - so in theory you can be uploading and download

Re: [c-nsp] #SSID / resource usage

2014-10-06 Thread A . L . M . Buxey
Hi, > Is there a relation between the number of used SSID and used reources > (system/network/...) ? yes. physics is not a nice master ;-) e.g. http://www.revolutionwifi.net/2013/10/ssid-overhead-how-many-wi-fi-ssids-are.html alan ___ cisco-nsp maili

Re: [c-nsp] Removing An Interface from a Port Channel

2014-09-22 Thread A . L . M . Buxey
Hi, > I have a trunk with 4 interfaces what is the quickest way to remove ONE > interface from the Port channel?, is the command Default interface gi x/y/z > adequate?. > Thanks in advance. A colleague of mine removed an interface recently from a > port channel and the interface retained the

Re: [c-nsp] Galvanic isolation for Ethernet?

2014-08-18 Thread A . L . M . Buxey
Hi, > > yes - I can imagine the picture quite clearly. > > Can you imagine using optical fiber in this picture (unless the > devices were equipped with fiber ports)? you say there is no PoE? in which case yes, mini switches with fibre/SFP uplinks :-) (powered locally as per your current device

Re: [c-nsp] Galvanic isolation for Ethernet?

2014-08-18 Thread A . L . M . Buxey
Hi, > Because I hoped to find someone already using them and ready to give > positive or negative feedback about certain models. ah! > It's not like there is some backbone running between buildings as one > might imagine. It's just perimeter protection devices and cameras, and > an occasional da

Re: [c-nsp] Galvanic isolation for Ethernet?

2014-08-18 Thread A . L . M . Buxey
Hi, > You can run copper between buildings in underground or aboveground conduits, > if they're properly shielded - but it isn't a good idea due to RFI, etc. yes - thats how most POTS/PBX systems work after all - but recall all the lovely noises/artifacts etc that are the result of grounding pr

Re: [c-nsp] Galvanic isolation for Ethernet?

2014-08-18 Thread A . L . M . Buxey
Hi, > This seems to be the one we are already using (however not a > rackmounted variant, but standalone devices like the white thingie on > the left of the picture) and they are not helping. this one: http://www.apc.com/products/resource/include/techspec_index.cfm?base_sku=PNET1GB I think i'd

Re: [c-nsp] Galvanic isolation for Ethernet?

2014-08-18 Thread A . L . M . Buxey
Hi, > The choice is really big, Google gives many vendors and a wide range > of models of Ethernet protectors. yesso why did you originally ask about them? ;-) > Well, er, http://en.wikipedia.org/wiki/Galvanic_isolation ;-) yes, I believe in wikipedia. sorry, the term is not one I was famil

Re: [c-nsp] Galvanic isolation for Ethernet?

2014-08-18 Thread A . L . M . Buxey
Hi, > > http://datainterfaces.com/surge-protectors.aspx > > They do not seem to offer galvanic isolation, I think they use gas > discharge modules. How do I know they are any better than those we > already have (APC ProtectNet)? I dont. they are a choice thats out there - and define your 'galvan

Re: [c-nsp] Galvanic isolation for Ethernet?

2014-08-18 Thread A . L . M . Buxey
Hi, should never run copper for networks between buildings (and some would say ever outside buildings) - thats optic territory. we use optical isolation...but if you really want to protect your ports maybe these will help: http://datainterfaces.com/surge-protectors.aspx (if anyone else has e

Re: [c-nsp] Galvanic isolation for Ethernet?

2014-08-18 Thread A . L . M . Buxey
Hi, > Do you know any devices to provide galvanic isolation for twisted pair > Ethernet? > > We have regular Ethernet surge protection devices (AFAIK APC) between > the switch and the attached equipment but they don't help. This is the > second Catalyst already with a burnt group of ports. what

Re: [c-nsp] Need suggestion on cisco 3560 sw IOS

2014-06-26 Thread A . L . M . Buxey
Hi, > Also the OP should note that when you boot from from 12.2(52)SE to a later > versions, the boot loader will almost do a microcode upgrade on the C3560X > platform. Depending on the version involved, this can take up to 35 minutes > downtime per box. The release notes still don't mention thi

Re: [c-nsp] Need suggestion on cisco 3560 sw IOS

2014-06-26 Thread A . L . M . Buxey
Hi, > Request to suggest whether 12.2(58)SE or 12.2(55)SE , a stable IOS for > Cisco 3560-24TS switch since the switch got a software crash installed > with 12.2(52)SE. can you even GET 12.2(58)SE for that 3560-24TS switch? why not use/check the cisco IOS software download page? they suggest 12

Re: [c-nsp] NTP DDoS

2014-02-13 Thread A . L . M . Buxey
Hi, > Yeah, but I didn't mean for you to make that public :( ...all the info about open NTP servers on the (IPv4) internet is public and open now - has been since peopel started scanning for it... just waiting for the patient ones to start listing IPv6 NTP systems that can be hit *exactly* the s

Re: [c-nsp] Weird problem with 2960S and desktop switch

2014-01-10 Thread A . L . M . Buxey
Hi, if the burnt in MAC address is lower then it will take overso i guess the new switch has a higher mac address than your switch. alan ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive

Re: [c-nsp] How to prevent https facebook from the cisco router 1841

2013-11-14 Thread A . L . M . Buxey
Hi, > i need to prevent users to open Facebook https traffic from my router cisco > 1841 you will need to invest in other technology that can achieve this...and wonder why you dont get the best people working for your company. blocking facebook isnt a technical issue...its a human resource issu

Re: [c-nsp] Spanning-tree ports cost Formula

2013-11-11 Thread A . L . M . Buxey
Hi, > The newer versions of the STP standards (802.1D udpdated and 802.1W/S) > have updated path cost values to cover higher speeds. a-ha! thanks for that - and the link! much appreciated...the ammo I need :-) alan ___ cisco-nsp mailing list cisco-ns

Re: [c-nsp] Spanning-tree ports cost Formula

2013-11-09 Thread A . L . M . Buxey
Hi, >I think what he is asking for is how try the values were extracted they are just default values for different interface types. I dont recall there being any formula (unlike eg OSPF/EIGRP calculations on links). cant recall if its CCNA or CCNP SWITCH level stuff: Spanning tree port cost

Re: [c-nsp] Spanning-tree ports cost Formula

2013-11-09 Thread A . L . M . Buxey
Hi, > What is the formula to assign a value of 19 to FE interfaces and other values > to other interfaces? cisco docs are searchable via google: http://www.cisco.com/en/US/tech/tk389/tk621/technologies_configuration_example09186a008009467c.shtml of course, C

Re: [c-nsp] 6500 IOS recommendation?

2013-10-21 Thread A . L . M . Buxey
Hi, > Are people actually upgrading to 15.1SSY, or just running late > 12.2(33)SXI or SXJ until these boxes run out of resources? 15.1 SY1 and 15.2 - having a look at the resolved caveats its a wonder they ran at all on earlier releases ;-) alan ___ ci

Re: [c-nsp] C6K, SUP720, 15.1SY

2013-10-02 Thread A . L . M . Buxey
Hi, > We are running into some possible CEF bugs, and the response we are getting > from TAC is "15.1SY is buggy, you should be running 12.2SX." thats poor. we've had simialr for other devices. I point them to the open caveats for the older version and the fact we were exposed to those bugs - and

[c-nsp] debug on?

2013-09-16 Thread A . L . M . Buxey
hi, wonder what the cisco engineers have done with the sup2T image compilation - 15.1(1)SY1 weighed in just shy of 100MB, 15.2(2)SY however is jusy shy of 120MB - thats 20MB of either debugging etc ;eft on or I'll have to guess that the new 6500 IA feature takes on 20MB of codebase?? :| it does

Re: [c-nsp] Cisco IPSec VPN's (Tunnel Interfaces) migrating from 12.2.25 to 15.1.4

2013-09-13 Thread A . L . M . Buxey
Hi, > I'd be surprised if something didn't migrate over automatically. IOS will > accept older style commands, and upon parsing them, changed them to the new > format itself. You sure you're not running 12.4(25)? I don't think 2800s if the configuration format is deprecated then you can get th

Re: [c-nsp] cisco 4400 wireless lan controller (4402)

2013-09-13 Thread A . L . M . Buxey
Hi, > I have a customer that has one of these and it's rebooting over and over > again > > you know anything about that ? what version of software is it running? alan ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailma

Re: [c-nsp] Input Errors And CRC Errors

2013-09-12 Thread A . L . M . Buxey
Hi, > Trying to diagnose a problem on a 6509 chasis, port showing input and CRC > errors on one end of the link. The link is a Tengigabit > I'me going to try the follwing: > Change fibre clean/check fibre first. ensure its the right type of fibre for the link length and media converter type >

Re: [c-nsp] PRTG OR ZABBIX MONITORING TOOL what is your opinion

2013-09-10 Thread A . L . M . Buxey
Hi, > NAGIOS needs a lot of tunning to be useful, I think, a serious NAGIOS > deployment with several devices and/or changes on the network (as for > example probes for several SLAs...) needs someone dedicated to > maintain it with some experience. depends on how you do things. most of our NAGIOS

Re: [c-nsp] Meraki? is anyone there testing it?

2013-09-10 Thread A . L . M . Buxey
Hi, > I just saw a service/product line from Cisco called Meraki. > Looks promising but... considering how everything is getting mad with > Snowden revelations... does it make sense to manage the network with a > cloud app? further more, Meraki availability is just based on "link" > to internet, n

Re: [c-nsp] Multi-Vendor CAPWAP AP Interop Using Cisco 5508 WLC

2013-07-25 Thread A . L . M . Buxey
Hi, > Can anybody tell me if this is still the current state of CAPWAP? > Has anybody seen or had experience running a multi-vendor AP deployment using > Cisco WLC's ? I havent seen any cross-vendor wireless solution using CAPWAP 'standard' at all. let alone working on cisco controllers... (gi

Re: [c-nsp] Cisco trunk port startup delay

2013-07-17 Thread A . L . M . Buxey
Hi, > > * I am definitely not disabling spanning-tree. I have enabled 'portfast > > trunk' on the port which reduced the port uptime significantly. > > * Disabling a lot of negotiation protocols improves port initialization > > time as well spanning-tree portfast trunk switchport nonegotiate (tha

Re: [c-nsp] Cisco 6500 mounting with cables

2013-07-08 Thread A . L . M . Buxey
Hi, > We ran cables left and right, but all servers was channel bonded > (split between left & right), so we could remove all cables required > and replace the fan tray without any disruption. Took a ton of work > though :-( we have VSS pairs so the remote links are dual linked (or more) to each

Re: [c-nsp] ASR9k Too Frequent Update on Rancid

2013-05-02 Thread A . L . M . Buxey
Hi, > We have recently added a new ASR9k into the nerwork. Prior to this we have > other routers running IOS XR namely CRS. > Being IOS XR the config in Rancid are the same for the CRS and also the > ASR9k, however the ASR9k has been "chatty" reporting changes as shown below > but not the CRS

Re: [c-nsp] InfoBlox

2013-04-24 Thread A . L . M . Buxey
Hi, > My thoughts are that this group is very knowledgeable about all networking > topics and it makes sense to me this group works because its a forum dedicated to a particular vendor and specific remit. the SnR is pretty good and you get answers because its a specific group FOR that purpose. i

Re: [c-nsp] EEM applet for Vlan for switches

2013-04-17 Thread A . L . M . Buxey
Hi, > Does anyone has idea or suggestion that which command is used on Switches to > write EEM applet through Cisco IOS Cli as the above mentioned command is not > working on switches. What is the syntax?? WHAT switches are you dealing with as many dont have any EEM ability alan __

Re: [c-nsp] 3750 stack "inaccessible" - memory leak

2013-04-05 Thread A . L . M . Buxey
Hi, > Each time my patience wears thin with TAC, I come here; it's typically > more productive :) > February 2011: 3750G stack stops answering to telnet/ssh with timeouts, > serial console reports "%% Low on memory; try again later". > Gets blamed on CSCsu27706, fixed in 12.2(44); but we're now o

Re: [c-nsp] Cisco Wireless VOIP IP phone issue

2013-03-28 Thread A . L . M . Buxey
Hi, > Does anyone know if there is a way to make a IP Phone update it's > access-point more often? We're having an issue where traveling between two > access points while on a call doesn't seem to poll for the strongest > wireless signal often enough. The symptoms include bi-directional voice > is

Re: [c-nsp] Rancid causing reload SUP2T 12.2.50-SY3

2013-03-26 Thread A . L . M . Buxey
Hi, ...just wondering why its doing 'write term' at the endthat used to cause issues a while back on the old sup2's alan ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.

Re: [c-nsp] VS-S2T-10G card with WS-X6748-SFP Card => DFC Problems

2013-03-25 Thread A . L . M . Buxey
Hi, > Is it correct that DFC4s are field upgradeable? depends on the card. cisco document where your money will be spent. alan ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puc

Re: [c-nsp] Inventory Control

2013-03-12 Thread A . L . M . Buxey
Hi, > > Hi allIs there an open source inventory control tool ? NetDISCO alan ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/

Re: [c-nsp] 1.1.1.0/24 and Cisco WLCs

2013-03-11 Thread A . L . M . Buxey
Hi, > Maybe. But a lot of people *have* used it, because I've seen it when > doing webauth logins e.g. in airports, train networks, etc. And by > definition, the people unwise enough to use it are also likely to be > the people unwise enough to return and fix things up in the > installations they

Re: [c-nsp] Cisco Asset Discovery Open source Tool

2013-02-18 Thread A . L . M . Buxey
Hi, > Any of you knows an open source toll which will help us to discover > the Cisco asset details through SNMP or Telnet also help us to > track the AMC and generate alerts . a list of different requirements of which some tools can do and some cant. try RANCID and NetDISCO as starting points

Re: [c-nsp] How important is the HW revision of a module?

2013-02-14 Thread A . L . M . Buxey
Hi, > How concerned should I be about the HW and FW revisions? 2.2 to 4.3 seems > pretty far apart. I think the Hw isnt a problem - its usually a slightly different PCB layout, new ASIC, different capacitors etc. if there was a hardware fault then that would be VERY interesting for customers w

Re: [c-nsp] unknown interface for ipv6 route in 4.2.3

2013-01-30 Thread A . L . M . Buxey
Hi, > This... is amazing. And then people complain that a /64 is too big for > a single LAN. > > I'd expect more bugs and unexpected behaviour - implementations get tested > with "LAN = /64", and sometimes with "/112" or "/124", but I'd expect > most interesting results for connected networks wi

Re: [c-nsp] Switch lights rapid blinking

2013-01-28 Thread A . L . M . Buxey
Hi, > Yep, every port is in the default vlan until I'm allowed to make changes and > split this large broadcast domain into vlans. I woulnt call a /16 with only 200 hosts a large broadcast domain.. I know of several institutions (and their poor network admin) who have thousands of hosts in a fl

Re: [c-nsp] Switch lights rapid blinking

2013-01-28 Thread A . L . M . Buxey
Hi, > Alan, there are many normal things that can cause this, like ARP broadcast, > unknown unicast especially in a large flat nets. as I said, it could be the usual blinking...they do blink a lot even in a test/lab environment... and checking whats going on on uplink might be key for flat netwo

Re: [c-nsp] Switch lights rapid blinking

2013-01-28 Thread A . L . M . Buxey
Hi, > Can someone please point me in the right direction to correct this issue.  I > came into a network that is using the default vlan and for about 2 weeks now, > every switch and port is rapidly blinking.  I looked at wireshark and don't > seen anything out of the ordinary.  I also checked fo

Re: [c-nsp] Confirmation of Gigabit Ethernet autonegotiation behavior

2013-01-25 Thread A . L . M . Buxey
Hi, > Actually you can. :-) IEEE 802.3 claus 37.2.1.3 describes half duplex > for 1000BASE-X. It doesn't make a lot of operational sense, but it's > possible. ...you can have one repeater per collision domain ...sure...but then wheres your performance gone. proper cables and proper kit ;-) ala

Re: [c-nsp] Port-channel configuration "stickiness"...

2013-01-19 Thread A . L . M . Buxey
Hi, > Known bug? Feature? You can alter a port-channel configuration and > expect it to propagate to the members, correct? yes - changes to the port-channel are propagated to the members... if you do it the other way around then the interface WONT match the port-channel and the link will go d

Re: [c-nsp] Maximum spannig tree instances

2009-07-20 Thread A . L . M . Buxey
Hi, > purchasing. The docs seem to clearly state that the limits are per-slot and > do not mention model numbers. However, I can confirm that I have greatly > exceeded this specification for years now without serious wonkyness. I > have WS-X6516A-GBIC cards running as high as 6,400 virtual port

Re: [c-nsp] Maximum spannig tree instances

2009-07-20 Thread A . L . M . Buxey
Hi, > #sh vlan vir > > Slot 1 > --- > Total slot virtual ports 6448 > > Slot 2 > --- > Total slot virtual ports 1636 > > Total chassis virtual ports 8084 > > #sh mod > Mod Ports Card Type Model Serial > No. > --- - -

Re: [c-nsp] OT: Network documentation tool

2009-07-18 Thread A . L . M . Buxey
Hi, > I'm looking for the perfect documentation tool for network the obvious answer is the one that works for you and your organisation. you say you've got a CIFS share right now - but, used correctly, that might be the best way. certainly easy to backup ;-) we used some basic WIKI - qwikiwiki a

Re: [c-nsp] Management interface on 2950T-24 appears to be dead

2009-07-16 Thread A . L . M . Buxey
hi, had 2 similar issues with a 2950 and a 2960 recently. in one case, no console access but switch passing user traffic fine, in the other case, console access but still no mgmt access out/in. that second one we could clearly see the the mgmt VLAN was just 'dead' on the switch... a reboot out of

Re: [c-nsp] ASA IPsec Tunnel Failover

2009-07-14 Thread A . L . M . Buxey
Hi, > There's not as of yet. OSPF, RIP, EIGRP, yes, BGP no. ISIS ? stares blankly at the development team. alan ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net

Re: [c-nsp] Maximum spannig tree instances

2009-07-14 Thread A . L . M . Buxey
Hi, > Rapid per VLAN spanning tree has scaling limitations in many environments. > Which is why some people go with MST instead. we hit the PVST limits so moved to RPVST..once we hit those limits we're sure to be going to MST ;-) alan ___ cisco-nsp mai

Re: [c-nsp] ASA IPsec Tunnel Failover

2009-07-14 Thread A . L . M . Buxey
Hi, > I was under the impression that there was no BGP support in the ASA platform, > unless someone knows otherwise? ah, ASAs and dynamic routing protocols...and you'll be wanting those in multi-context mode too? ;-) alan ___ cisco-nsp mailing list

Re: [c-nsp] Maximum spannig tree instances

2009-07-14 Thread A . L . M . Buxey
Hi, > ... but it doesn't say anything about the number of STP instances. things go wonky when you have more than 1800 virtualports per slot (which you didnt quite reach) (1200 on older eg 100mbit blades) with 13,000 in total (PVST+), 10,000 in total (RPVST+) however, with MST, you can have 6000

Re: [c-nsp] multiple vlans on a port

2009-07-13 Thread A . L . M . Buxey
Hi, > I realize this is impossible, at least I have read it is on an access > port. So if I sent up a trunk port with the machine, does the machine > need to speak 802.1q as well? > > interface GigabitEthernet0/15 > switchport access vlan 120 > switchport trunk native vlan 120 > switchport

Re: [c-nsp] Maximum spannig tree instances

2009-07-13 Thread A . L . M . Buxey
Hi, > This supportwiki > articlecould > be what you're looking for. I confirm the 1800 instances/slot limit. ...and

Re: [c-nsp] disable break on boot for IOS??

2009-07-13 Thread A . L . M . Buxey
Hi, >I have a situation with a former employee who still has legitimate > physical access to a shared space where we have some Cisco equipment. Today > one of our field guys located a UBR924 attached to our cable modem plant > with the cutest little rogue Linux machine attached to its ethernet

Re: [c-nsp] Mac address flapping..

2009-07-13 Thread A . L . M . Buxey
Hi, > You guessed it. The customer had vlan 42 and another vlan tied together in > their switch. That’s where the errors were coming from. > > > Thanks for all of the ideas. yay - I get a +1 NSP score - thats cool you've sorted it anyway. and anyway - this thread has been VERY useful to me

Re: [c-nsp] Mac address flapping..

2009-07-13 Thread A . L . M . Buxey
hi, i originally thought on the same lines too - but then having been told this still happens if theres only one link to the 4500s to the client - which makes the 6506-b almost a router at the end of a stick for that network things started to look a little 'wonky'. it wouldnt be taking traffic

Re: [c-nsp] Mac address flapping..

2009-07-12 Thread A . L . M . Buxey
Hi, > Actualy, > My 2 4506s are plugged into the customers, Flat, Default configed, Cisco > 3548-XL-EN switch. are they in the same VTP domain or having trunks fed to them? those switches are very very old and weak in terms of numbers of VLANs - especially in PVST mode etc do you handle the VLA

Re: [c-nsp] Mac address flapping..

2009-07-10 Thread A . L . M . Buxey
Hi, > Alan, > Po1 is the connection from 6509-a to 6509-b. > G1/7 goes to port G1/1 on 4506-a. > G1/8 goes to G1/1 on 4506-b. what is the root bridge for vlan 42? alan ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mai

Re: [c-nsp] Mac address flapping..

2009-07-10 Thread A . L . M . Buxey
Hi, >%MAC_MOVE-SP-4-NOTIF: Host 00d0.009e.2400 in vlan 42 is flapping > between port Po1 and port Gi1/7 ah yes - have you traced the path that these routes take - portchannel goes to where, Gi1/7 goes where? could they have introduced a loop locally at the edge - eg if portfast was ena

Re: [c-nsp] Free NMS Tools

2009-07-03 Thread A . L . M . Buxey
Hi, > Both tools work very well. However, we have recently been pushed to convert > these solutions to commercial ones as management feels they will get better > support if they pay for a solution... absolute rubbish. they should stick with their job and let you do your job which is ensuring that

Re: [c-nsp] tacacs+ an nexus 5010

2009-07-01 Thread A . L . M . Buxey
Hi, > No, it should be right. My problem is that if I do a tcpdump on the tacacs+ > server I dont see anything from the nexus. > It's like it doesn't leave the box at all. or is blocked elsewhere - check the network that the TACACS+ traffic is being sent on and check ACLs etc that might be in the

Re: [c-nsp] PIX/ASA Change Control

2009-06-26 Thread A . L . M . Buxey
Hi, > I'm curious to see what others are using for a frontend to RANCID. Besides > the emailing of the diff's that take place, what are others using to browse > the repository? I've been toying with some web-based CVS tools/viewers...but nothing serious yet. alan

Re: [c-nsp] PIX/ASA Change Control

2009-06-26 Thread A . L . M . Buxey
Hi, > Like Ryan said, clogin takes care of it. The only problem I've run into > is with v8.2 of the ASA code. Some nimrod programmer thought it would yes - I've been reading those threads (the joy of the internet eh? ;-) ) which is why I was wondering about a special script... > had a chan

Re: [c-nsp] PIX/ASA Change Control

2009-06-25 Thread A . L . M . Buxey
hi, regarding RANCID and Cisco ASAs - are there common scripts etc for logging/scraping such devices as there are for cisco (clogin), foundry (flogin) etc? ..or does it all just magically work with clogin (looking at the clogin and rancid code it seems to be that way...but theres so many CLI quir

Re: [c-nsp] Reload without confirmation

2009-06-24 Thread A . L . M . Buxey
Hi, > $ snmpset -v2c -c private 10.0.0.2 1.3.6.1.4.1.9.2.9.9.0 i 2 > Error in packet. > Reason: noCreation (That table does not support row creation or that > object can not ever be created) > Failed object: SNMPv2-SMI::enterprises.9.2.9.9.0 hmmm, wonder if you've got some SNMP ACLs or community

Re: [c-nsp] Cisco IP Phones and IPv6

2009-06-11 Thread A . L . M . Buxey
Hi, > > I beleave that 8.4 on the 7961 does > > Sent from my iPhone > > On Jun 11, 2009, at 8:00 AM, Skeeve Stevens wrote: > > Does anyone know if any of the SCCP or SIP images for any of the models of > Cisco IP Phones support IPv6? 8.4.2S show it ghosted out on the network info page...i th

Re: [c-nsp] WLC discovery

2009-06-11 Thread A . L . M . Buxey
Hi, > The only other things you can do are check firewalls between subnets (make > sure both IPs are allowed, etc). You can try a few 'debug [...]' commands on > the controller, but what you may really need is a ladder. :-) the AP joins..and then goes. when you move to l3 mode you rely on inform

Re: [c-nsp] WLC discovery

2009-06-11 Thread A . L . M . Buxey
Hi, > Hi, > > There is only one controller and I believe this is the master controller. > DO you know, where I could check this? CLI or web interface. on web interface it should be under controller menu. CLI is buried somewhere non intuitive ;-) alan _

Re: [c-nsp] WLC discovery

2009-06-10 Thread A . L . M . Buxey
Hi, > Hi, > > A Cisco WLC4402 is configured and working alright. All of the APs currently > are in the same subnet and hence the discovery do not require DHCP Option 43 > or DNS. I want to add another AP that is in a different. When the AP tries to > register with the WLC, it registers momentar

Re: [c-nsp] Opensource tool to measure Jitter for VoIP

2009-06-08 Thread A . L . M . Buxey
Hi, > What are the there legal ramifications to this? While I like to think that > "it's my network, I'll do what I want to measure its performance", I *think* > that sniffing voice traffic without consent is considered wiretapping. > IANAL, but it would behoove you to get a consent form from

Re: [c-nsp] OT: Access Point Automatically shifting between Controller-based and Autonomous Modes?

2009-05-21 Thread A . L . M . Buxey
Hi, > The branches are all connected to the head office by radio or vsat links. > > I am considering placing a controller at the head office to manage all > access points including those at the remote locations. > > However, if the radio or vsat link to the branch should go down (which is > quit

Re: [c-nsp] [SPAM?] Certification Ethics

2009-05-12 Thread A . L . M . Buxey
Hi, > The web example question was "how many usable /26 do you have in a /24" > and the answer was "2". Right. Like ANYONE has ever IN THE REAL WORLD > used a Cisco router without "ip subnet-zero" and "ip classless" since > 1995. > > I hope this has improved since I last looked at it. not rea

Re: [c-nsp] Wireless Splash Screen Cisco AP Aironet

2009-05-07 Thread A . L . M . Buxey
Hi, > Sorry, just being curious, what would you do if a client clicks "I don't > agree"? ..they dont get access to the network? after all, the agreement is a contract to show the party is happy with the terms of network provision. alan ___ cisco-nsp

Re: [c-nsp] X2 to GigE

2009-04-21 Thread A . L . M . Buxey
Hi, > There's a patent covering exactly this: > > http://www.patentgenius.com/patent/7488121.html > > It envisages any XAUI into any XFI module conversion options, which will be > really great. why is there a patent granted for this? its obvious. now what'll happen is noone will make such adap

Re: [c-nsp] Nexus 5K FCoE to FC breakout

2009-04-16 Thread A . L . M . Buxey
Hi, > > We're actually using in-house built ATA-over-Ethernet devices which have > > similar advantages, but this isn't very 'enterprisey' > > Sounds very cool! I look forward to learning more about this > ATA-over-Ethernet. Linux has supported ATAoE for some time - http://aoetools.sourceforge

  1   2   3   >